Security researchers have uncovered a critical SQL injection vulnerability (CVE-2025-26794) in Exim, the widely-used mail transfer agent (MTA) that powers over 60% of internet mail servers. The flaw enables authenticated attackers to execute arbitrary SQL commands through specially crafted ETRN SMTP transactions when specific configuration conditions exist. The vulnerability was reported through responsible disclosure channels
The post Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries appeared first on Cyber Security News. Read More
Posted inNews